40 lines
1.2 KiB
YAML
40 lines
1.2 KiB
YAML
- name: Schleife über alle WireGuard-Clients
|
|
include_tasks: generate_client_single.yml
|
|
loop: "{{ wireguard_clients }}"
|
|
loop_control:
|
|
loop_var: client
|
|
|
|
- name: Generiere privaten Schlüssel für jeden Client
|
|
shell: "wg genkey"
|
|
register: wg_client_private_keys
|
|
loop: "{{ wireguard_clients }}"
|
|
loop_control:
|
|
label: "{{ item.name }}"
|
|
# kein delegate_to mehr!
|
|
run_once: true # ggf. auch entfernen, siehe Anmerkung unten
|
|
|
|
- name: Setze globale Client-Key-Facts für alle Clients
|
|
set_fact:
|
|
wg_all_clients_private_keys: >-
|
|
{{
|
|
wg_all_clients_private_keys | default({}) | combine({
|
|
item.1.name: item.0.stdout
|
|
})
|
|
}}
|
|
loop: "{{ wg_client_private_keys.results | zip(wireguard_clients) | list }}"
|
|
delegate_to: localhost
|
|
run_once: true
|
|
|
|
|
|
- name: Generiere Private Keys für Clients
|
|
command: "wg genkey"
|
|
register: client_keys_raw
|
|
loop: "{{ wireguard_clients }}"
|
|
loop_control:
|
|
loop_var: client
|
|
changed_when: false
|
|
|
|
- name: Mappe Keys nach Namen
|
|
set_fact:
|
|
wg_all_clients_private_keys: "{{ dict(wireguard_clients | map(attribute='name') | list | zip(client_keys_raw.results | map(attribute='stdout') | list)) }}"
|